Commit Graph

279 Commits

Author SHA1 Message Date
Nick Mathewson
1e5ad15688 Merge remote-tracking branch 'arma/task19035-fixedup' 2016-05-27 13:22:16 -04:00
Nick Mathewson
617b920551 Merge remote-tracking branch 'public/hardening_flags_must_link' 2016-05-27 12:52:39 -04:00
Roger Dingledine
1ce1214d68 get rid of one more piece of --enable-instrument-downloads 2016-05-27 12:32:02 -04:00
cypherpunks
c404905822 Fix indentation and quotation of the headers 2016-05-27 11:56:34 -04:00
cypherpunks
ab8f1a9e9b Do not warn on missing headers 2016-05-27 11:56:30 -04:00
Roger Dingledine
11d52a449c Disable GET /tor/bytes.txt and GETINFO dir-usage
Remove support for "GET /tor/bytes.txt" DirPort request, and
"GETINFO dir-usage" controller request, which were only available
via a compile-time option in Tor anyway.

Feature was added in 0.2.2.1-alpha. Resolves ticket 19035.
2016-05-27 11:15:21 -04:00
Nick Mathewson
a0dd836098 Merge remote-tracking branch 'public/ticket19044' 2016-05-27 10:39:34 -04:00
Nick Mathewson
44ea3dc331 Merge branch 'maint-0.2.8' 2016-05-25 10:21:15 -04:00
Nick Mathewson
be3875cda2 Make sure that libscrypt_scrypt actually exists before using it.
Previously, if the header was present, we'd proceed even if the
function wasn't there.

Easy fix for bug 19161.  A better fix would involve trying harder to
find libscrypt_scrypt.
2016-05-24 10:31:02 -04:00
Nick Mathewson
2fa7a3af4c Make advisory-warnings on by default.
Add --enable-fatal-warnings to control -Werror.

Closes ticket 19044.
2016-05-23 14:39:56 -04:00
Nick Mathewson
60ac07940f Fix "conditional "ADD_MULODI4" was never defined". 2016-05-19 16:38:24 -04:00
Nick Mathewson
ae7e2b9a7c add missing atoi for cosmetic reasons 2016-05-19 16:01:25 -04:00
Nick Mathewson
6d6c8287d5 Include __mulodi4 in libor_ctime when it fixes clang -m32 -ftrapv
We use a pretty specific pair of autoconf tests here to make sure
that we only add this code when:
   a) a 64-bit signed multiply fails to link,
 AND
   b) the same 64-bit signed multiply DOES link correctly when
      __mulodi4 is defined.

Closes ticket 19079.
2016-05-18 09:50:38 -04:00
Nick Mathewson
d9080f5d3a Check linking of hardening options, give better warnings if it fails.
Previously we'd only check whether the hardening options succeeded
at the compile step. Now we'll try to link with them too, and tell
the user in advance if something seems likely to go wrong.

Closes ticket 18895.
2016-05-16 09:37:27 -04:00
Nick Mathewson
9abd7b8f90 Windows lacks truncate(3).
Fix the new crypto tests, which used truncate(3).
2016-05-16 09:25:19 -04:00
Nick Mathewson
607a9056d4 Merge branch 'ftrapv_v3'
There were some conflicts here, and some breakage to fix concerning
library link order in newer targets.
2016-05-12 13:00:45 -04:00
Nick Mathewson
a3615a988e Prefer builtin true. 2016-05-12 12:54:15 -04:00
Nick Mathewson
ce854a8d22 Add -ftrapv to gcc-hardening ... mostly!
We know there are overflows in curve25519-donna-c32, so we'll have
to have that one be fwrapv.

Only apply the asan, ubsan, and trapv options to the code that does
not need to run in constant time.  Those options introduce branches
to the code they instrument.

(These introduced branches should never actually be taken, so it
might _still_ be constant time after all, but branch predictors are
complicated enough that I'm not really confident here. Let's aim for
safety.)

Closes 17983.
2016-05-12 11:21:28 -04:00
Nick Mathewson
e31980f693 Merge branch 'maint-0.2.8' 2016-05-11 12:23:40 -04:00
Nick Mathewson
50249c7cd9 Merge branch 'maint-0.2.7' into maint-0.2.8 2016-05-11 12:23:20 -04:00
Nick Mathewson
039fc8427a Merge branch 'bug18841_1_025' into maint-0.2.7 2016-05-11 12:22:36 -04:00
Nick Mathewson
c662bef455 Undefine _FORTIFY_SOURCE before defining it.
This makes our compilation options checks in autoconf work better on
systems that already define _FORTIFY_SOURCE.

Fixes at least one case of bug 18841; bugfix on 0.2.3.17-beta. Patch
from "trudokal".
2016-05-11 12:15:37 -04:00
Nick Mathewson
3220bd816b Merge branch 'maint-0.2.8' 2016-03-28 16:14:21 -04:00
Nick Mathewson
c8eb39d67f Remove a couple of redundant lines from the makefile
Fixes the last case of 17744.
2016-03-28 16:11:25 -04:00
Nick Mathewson
447b1c6b1d Begin an 0.2.9 branch 2016-03-28 15:54:59 -04:00
Nick Mathewson
a3f36bfd81 and NOW the version is 0.2.8.2-alpha-dev 2016-03-28 15:53:17 -04:00
Nick Mathewson
5b12642d09 Bump version correctly this time 2016-03-28 11:22:20 -04:00
Nick Mathewson
fc877b3c9e Bump the version number 2016-03-28 09:32:14 -04:00
Nick Mathewson
049445bca3 Merge branch 'bug18626_027' 2016-03-25 16:28:33 -04:00
Nick Mathewson
db1352703c Remove spurious exit() calls from configure.ac
We added these a while ago, but they do no actual good, and
cause implicit declaration warnings in some situations.  Rather than
just adding stdint.h, it's easier to remove the exit() calls
as redundant.

Fixes bug 18626; bugfix from "cypherpunks"
2016-03-25 16:26:13 -04:00
cypherpunks
25fa21802f Move Automake options to configure.ac
This will centralize the version configuration in one file to simplify
future changes.

Also fixes some typos in the Automake options comments.
2016-03-11 10:08:53 -05:00
Nick Mathewson
31c7a65d89 Document required autotools versions
CentOS 6 is roughly the oldest thing we care about developers still
using, and it has autoconf 2.63 / automake 1.11.  These are both
older than openssl 1.0.0, so anybody who can't upgrade past those
probably can't upgrade to a modern openssl either.  And since only
people building from git or editing configure.ac/Makefile.am need to
use autotools, I'm not totally enthused about keeping support for
old ones anyway.

Closes ticket 17732.
2016-02-23 11:08:04 -05:00
zerosion
44ea7af686 Quotes added on configure script's string comparison.
Solves #17744

The syntax has been generalized too, so there are only double quotes.

Signed-off-by: zerosion <zerosion@protonmail.ch>
2016-02-10 15:46:39 -05:00
Nick Mathewson
69c47ab5fd Merge remote-tracking branch 'sebastian/bug18242' 2016-02-10 15:38:52 -05:00
Nick Mathewson
4dc8dc4b89 Merge remote-tracking branch 'public/bug18184' 2016-02-10 15:36:48 -05:00
Sebastian Hahn
55d6fd27cb Fix the --disable-asserts-in-tests configure option 2016-02-05 14:40:07 +01:00
Nick Mathewson
6149703089 Bump to 0.2.8.1-alpha-dev 2016-02-04 18:24:20 -05:00
Nick Mathewson
af116081f9 Make the no-assertions-during-coverage check into a configure option
Closes ticket 18242.

The rationale here is that I like having coverage on by default in my
own working directory, but I always want assertions turned on unless
I'm doing branch coverage specifically.
2016-02-04 12:51:52 -05:00
Nick Mathewson
5da517e689 Bump version. (This is not yet the release.) 2016-02-04 10:07:06 -05:00
Nick Mathewson
5f7df92571 Remove support for unsigned time_t
We've never actually tested this support, and we should probably assume
it's broken.

To the best of my knowledge, only OpenVMS has this, and even on
OpenVMS it's a compile-time option to disable it.  And I don't think
we build on openvms anyway.  (Everybody else seems to be working
around the 2038 problem by using a 64-bit time_t, which won't expire
for roughly 292 billion years.)

Closes ticket 18184.
2016-01-29 09:18:59 -05:00
Nick Mathewson
1d6dd288e1 Try a little harder to only use SecureZeroMemory when it's present
We could be using AC_CHECK_FUNC_DECL too, but it shouldn't be needed.
2016-01-11 09:02:42 -05:00
Nick Mathewson
3783046f3b Use memset_s or explicit_bzero when available. 2016-01-07 12:53:24 -08:00
Nick Mathewson
de8110fba2 Explicitly test our get/set_uint{8,16,32,64}. 2016-01-03 08:27:54 -08:00
Nick Mathewson
bc2cd0ff2b Use timingsafe_memcmp() where available.
See ticket 17944; patch from "logan".
2015-12-29 09:43:01 -05:00
Nick Mathewson
ff3e90070f Merge branch 'maint-0.2.7' 2015-12-22 20:38:33 -05:00
Nick Mathewson
d0c209c51d Remove extraneous #endif in configure.ac
This will fix the detection of struct in6_addr.s6_addr32 and others

Found and fixed by cypherpunks; bug 17923; bugfix on f948caad7b
2015-12-22 20:37:02 -05:00
Nick Mathewson
3317cd3a1f Merge branch 'maint-0.2.7' 2015-12-16 09:24:40 -05:00
Nick Mathewson
33b5bfb948 Don't call pthread_condattr_setclock() unless it exists
Fixes bug 17819; bugfix on 0.2.6.3-alpha (specifically, d684dbb0).
2015-12-16 09:23:44 -05:00
Nick Mathewson
aba39ea390 Merge branch 'feature8195_small_squashed' 2015-12-15 13:11:06 -05:00
Nick Mathewson
e8cc839e41 Add ability to keep the CAP_NET_BIND_SERVICE capability on Linux
This feature allows us to bind low ports when starting as root and
switching UIDs.

Based on code by David Goulet.

Implement feature 8195
2015-12-15 13:10:57 -05:00